■■■□□ CVE-2022-22954 is being exploited by a threat actor from China with the IP of 117.89.211.135. https://t.me/cKure/11186
All posts tagged hack
April 13, 2022 at 01:26AM
PoC: VMware CVE-2022-22954 Workspace ONE Access Freemarker Server-side Template Injection. Originally mentioned here https://t.me/ckuRED/117 is the first public disclosure of the vulnerability https://github.com/sherlocksecurity/VMware-CVE-2022-22954 https://t.me/cKure/11184
April 13, 2022 at 01:21AM
■□□□□ Madeira and Prospera will reportedly become the next territories to adopt bitcoin as an official means of payment inside their borders following El Salvador in its stupidity of allowing a Decentralised, rightly controlled electronic FIAT currency. ● As of now there is 30% increase in tourism in general in El Salavador and the 2…
April 13, 2022 at 01:07AM
■■□□□ Critical LFI Vulnerability Reported in Hashnode Blogging Platform. https://thehackernews.com/2022/04/critical-lfi-vulnerability-reported-in.html https://t.me/cKure/11181
April 13, 2022 at 01:06AM
■■□□□ AWS RDS Vulnerability Leads to AWS Internal Service Credentials. https://blog.lightspin.io/aws-rds-critical-security-vulnerability https://t.me/cKure/11180
April 13, 2022 at 12:59AM
■■■■□ Microsoft: New malware uses Windows bug to hide scheduled tasks. https://www.bleepingcomputer.com/news/security/microsoft-new-malware-uses-windows-bug-to-hide-scheduled-tasks/ https://t.me/cKure/11179
April 11, 2022 at 10:28PM
Tool: A modern, simple TCP tunnel in Rust that exposes local ports to a remote server, bypassing standard NAT connection firewalls. That’s all it does: no more, and no less. https://github.com/ekzhang/bore https://t.me/cKure/11178
April 11, 2022 at 05:12PM
■■■■□ HPE fixed two vulnerabilities in OneView found by ‘PT Swarm’ researcher Nikita Abramov. CVE-2022-23699 – Authentication Restriction Bypass CVE-2022-23700 – Unauthorized Read Access to Files https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04252en_us https://t.me/cKure/11177
April 11, 2022 at 02:48PM
■■■■■ Zero-Day: CVE-2022-22954 Server-Side Template Injection in VMware Workspace ONE Access. Successful exploitation could lead to RCE from an unauthenticated user via HTTP-POST request by chaining 2 exploits. Patch ASAP! We had reported earlier about the Zero-Day here: https://t.me/cKure/11024 https://twitter.com/ptswarm/status/1512083327884271619 https://t.me/cKure/11175
April 11, 2022 at 02:45PM
■■■■■ PoC for CVE-2022-28281 a Mozilla Firefox Out of bounds write. https://github.com/0vercl0k/CVE-2022-28281 https://t.me/cKure/11174